7.4. Ipv6 Prefix-list Commands

7.4.1. ipv6 prefix-list

Command Purpose

To create a ipv6 prefix list or add a prefix-list entry, use the ipv6 prefix-list command in Global Config mode.

To delete a prefix-list or an entry, use the no form of this command.

Prerequisites

Platform

Software

License

Comments

AQ-N3000

7.0

Base

AQ-N5000

7.0

Base

AQ-N6000

7.0

Base

Command Syntax

ipv6 prefix-list WORD [ seq SEQUENCE-NUMBER ] ( deny | permit ) (any | IPv6-ADDRESS/M [ ge GE-LENGTH ] [ le LE-LENGTH ] )

no ipv6 prefix-list WORD [ seq SEQUENCE-NUMBER ] ( deny | permit ) ( any | IPv6-ADDRESS/M [ ge GE-LENGTH ] [ le LE-LENGTH ] )

no ipv6 prefix-list WORD [ seq SEQUENCE-NUMBER ]

Parameter

Parameter Description

Parameter Value

WORD

Config a name to identify the prefix list

Up to 40 characters

seq SEQUENCE-NUMBER

Applies a sequence number to a prefix-list entry. The range of sequence number that can be entered is from 1 to 65535. If a sequence number is not entered when configuring this command, a default sequence numbering is applied to the prefix list. The number 5 is applied to the first prefix entry, and subsequent unnumbered entries are incremented by 5

1-65535

deny

Denies access for a matching condition

-

permit

Permits access for a matching condition

-

IPv6-ADDRESS /M

Configures the network address, and the length of the network mask in bits. The network number can be any valid IPv6 address or prefix. The bit mask can be a number from 0 to 128

IPv6 address and mask length between 1-128

ge GE-LENGTH

(Optional)Specifies the lesser value of a range (the “from” portion of the range description) by applying the ge-length argument to the range specified. The ge-length argument represents the minimum prefix length to be matched

1-128

le LE-LENGTH

(Optional)Specifies the greater value of a range (the “to “ portion of the range description) by applying the le-length argument to the range specified. The le-length argument represents the maximum prefix length to be matched

1-128

Command Mode

Global Config

Default

No prefix lists are created.

Usage

The ipv6 prefix-list command is used to configure IPv6 prefix filtering. Prefix lists are configured with permit or deny keywords to either permit or deny the prefix based on the matching condition. A prefix list consists of an IPv6 address and a bit mask. The IPv6 address can be global address, or a link-local address. The bit mask is entered as a number from 1 to 128. An implicit deny is applied to traffic that does not match any prefix-list entry. Prefix lists are configured to match an exact prefix length or a prefix range. The ge and le keywords are used to specify a range of the prefix lengths to match, providing more flexible configuration than can be configured with just the network/length argument. The prefix list is processed using an exact match when neither the ge nor le keyword is entered. If only the ge value is entered, the range is the value entered for the ge ge-length argument to a full 128-bit length. If only the le value is entered, the range is from value entered for the network/length argument to the le le-length argument. If both the ge ge-length and le le-length keywords and arguments are entered, the range falls between the values used for the ge-length and le-length arguments. The following formula shows this behavior:

network/length < ge ge-length < le le-length <= 128 .

A prefix list is configured with a name and/or sequence number. One or the other must be entered when configuring this command. If a sequence number is not entered, a default sequence number of 5 is applied to the prefix list. And subsequent prefix list entries will be increment by 5 (for example, 5, 10, 15, and onwards). If a sequence number is entered for the first prefix list entry but not subsequent entries, then the subsequent entries will also be incremented by 5 (For example, if the first configured sequence number is 3, then subsequent entries will be 8, 13, 18, and onwards). Default sequence numbers can be suppressed by entering the no form of this command with the seq keyword. Prefix lists are evaluated starting with the lowest sequence number and continues down the list until a match is made. Once a match is made that covers the network the permit or deny statement is applied to that network and the rest of the list is not evaluated.

Examples

The following example shows how to configure ipv6 prefix-list: To deny the default route ::/0:

Switch# configure terminal
Switch(config)# ipv6 prefix-list abc deny ::/0

To permit the prefix 2001:db8::/64:

Switch# configure terminal
Switch(config)# ipv6 prefix-list abc permit 2001:db8::/64

To accept a mask length of up to 64 bits in routes with the prefix 2001:db8::/32:

Switch# configure terminal
Switch(config)# ipv6 prefix-list abc permit 2001:db8::/32 le 64

To deny mask lengths greater than 64 bits in routes with the prefix 2001:db8::/32:

Switch# configure terminal
Switch(config)# ipv6 prefix-list abc deny 2001:db8::/32 ge 64

7.4.2. ipv6 prefix-list description

Command Purpose

To add a text description of a ipv6 prefix list, use the ipv6 prefix-list description command in global.

configuration mode. To remove the text description, use the no form of this command.

Prerequisites

Platform

Software

License

Comments

AQ-N3000

7.0

Base

AQ-N5000

7.0

Base

AQ-N6000

7.0

Base

Command Syntax

ipv6 prefix-list WORD description LINE

no ipv6 prefix-list WORD description [ LINE ]

Parameter

Parameter Description

Parameter Value

WORD

Name of prefix list

Up to 40 characters

LINE

The description of this prefix-list

Up to 80 characters

Command Mode

Global Config

Default

There is no description for prefix-list.

Usage

The ipv6 prefix list will be created if it didn’t exist.

Examples

The following example shows how to add description:

Switch# configure terminal
Switch(config)# ipv6 prefix-list abc description Permit routes from customer A

Related Commands

ipv6 prefix-list

ipv6 prefix-list sequence

show ipv6 prefix-list

clear ipv6 prefix-list

7.4.3. ipv6 prefix-list sequence-number

Command Purpose

To enable the generation of sequence numbers for entries in a ipv6 prefix list, use the ipv6 prefix-list sequence-number command in global configuration mode. To disable this function, use the no form of this command.

Prerequisites

Platform

Software

License

Comments

AQ-N3000

7.0

Base

AQ-N5000

7.0

Base

AQ-N6000

7.0

Base

Command Syntax

ipv6 prefix-list sequence-number

no ipv6 prefix-list sequence-number

Command Mode

Global Config

Default

This command has no default behavior.

Usage

This command is used to enable sequence-number display.

Examples

The following example shows how to enable ipv6 prefix-list sequence-number:

Switch# configure terminal
Switch(config)# interface eth-0-1
Switch(config-if)# ipv6 prefix-list sequence-number

Related Commands

ipv6 prefix-list

show ipv6 prefix-list

clear ipv6 prefix-list

7.4.4. show ipv6 prefix-list

Command Purpose

To show ipv6 prefix list information, use the show ipv6 prefix-list command.

Prerequisites

Platform

Software

License

Comments

AQ-N3000

7.0

Base

AQ-N5000

7.0

Base

AQ-N6000

7.0

Base

Command Syntax

show ipv6 prefix-list ( summary | detail | ) ( WORD | )

show ipv6 prefix-list WORD ( seq SEQUENCE-NUMBER | IPv6-ADDRESS /M ( longer | first-match | ) | )

Parameter

Parameter Description

Parameter Value

summary

Summary of prefix lists

-

detail

Detail of prefix lists

-

WORD

Name of the prefix list

Up to 40 characters

seq SEQUENCE-NUMBER

sequence number of the entry in the ipv6 prefix list

1-65535

IPv6-ADDRESS /M

IPv6 prefix/,e.g., 2001:db8::/32

IPv6 address and mask length between 1-128

longer

Lookup longer prefix

-

first-match

First matched prefix

-

Command Mode

Privileged EXEC

Default

This command has no default behavior.

Usage

None

Examples

The following example shows how to display ip prefix-list:

Switch# show ipv6 prefix-list 

ipv6 prefix-list ripng_pre: 5 entries
     seq 1 deny 2001:db8:9::/64
     seq 2 deny 2001:db8:10::/64
     seq 3 deny 2001:db8:11::/64
     seq 4 deny 2001:db8:12::/64
     seq 5 permit any

Related Commands

ipv6 prefix-list

clear ipv6 prefix-list

7.4.5. clear ipv6 prefix-list

Command Purpose

To Resets the hit count of the prefix list entries, use the clear ipv6 prefix-list command.

Prerequisites

Platform

Software

License

Comments

AQ-N3000

7.0

Base

AQ-N5000

7.0

Base

AQ-N6000

7.0

Base

Command Syntax

clear ipv6 prefix-list ( WORD ( IPv6-ADDRESS /M | ) | )

Parameter

Parameter Description

Parameter Value

WORD

Name of the prefix list

Up to 40 characters

IPv6-ADDRESS /M

IPv6 prefix/,e.g., 2001:db8::/32

IPv6 address and mask length between 1-128

Command Mode

Privileged EXEC

Default

This command has no default behavior.

Usage

None

Examples

The following example shows how to clear ipv6 prefix-list:

Switch# configure terminal
Switch(config)# clear ipv6 prefix-list test

Related Commands

ipv6 prefix-list